/*-
 * cors的安全模式过滤器，允许跨域请求
 */

package com.lmx;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.OncePerRequestFilter;

@Configuration
public class CorsDefFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                    FilterChain filterChain) throws IOException, ServletException {

        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS");
        response.setHeader("Access-Control-Max-Age", "1728000");
        response.setHeader("Access-Control-Allow-Headers","content-type,ccd-user-id,action,ccd-token,Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Q-SID,Referer,User-Agent, X-DevTools-Emulate-Network-Conditions-Client-Id,tenantId");
        filterChain.doFilter(request, response);
    } 
}